urlscan.io logo urlscan.io
SecurityTrails logo

www.volksstimme.de Open in urlscan Pro
107.154.76.234  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Submission: On June 09 via api from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 5 countries across 14 domains to perform 48 HTTP transactions. The main IP is 107.154.76.234, located in United States and belongs to INCAPSULA, US. The main domain is www.volksstimme.de.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on January 31st 2020. Valid for: a year.
This is the only time www.volksstimme.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    107.154.76.234 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.76.234.ip.incapdns.net
www.volksstimme.de
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f007:8:face:b00c:0:1 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    83.138.84.238 (Germany)

ASN34895 (HOSTNET-DE-AS, DE)
PTR: becuzi.han-solo.net
row.volksstimme.de
1    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    88.99.63.231 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.231.63.99.88.clients.your-server.de
static.plista.com
2    2a03:2880:f107:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:815::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    176.9.103.51 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.51.103.9.176.clients.your-server.de
farm.plista.com
2    37.252.173.38 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
8    23.111.11.152 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
media.plista.com
Domain Requested by
14 www.volksstimme.de www.volksstimme.de
row.volksstimme.de
8 media.plista.com www.volksstimme.de
5 static.plista.com www.volksstimme.de
static.plista.com
3 farm.plista.com static.plista.com
www.volksstimme.de
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.volksstimme.de
3 cdnjs.cloudflare.com www.volksstimme.de
cdnjs.cloudflare.com
2 secure.adnxs.com 2 redirects
2 www.facebook.com www.volksstimme.de
2 row.volksstimme.de www.volksstimme.de
row.volksstimme.de
2 fonts.gstatic.com www.volksstimme.de
static.plista.com
2 connect.facebook.net www.volksstimme.de
connect.facebook.net
1 www.google.de www.volksstimme.de
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 cdn.jsdelivr.net www.googletagmanager.com
1 www.googletagmanager.com www.volksstimme.de
1 fonts.googleapis.com www.volksstimme.de
48 17
Subject Issuer Validity Valid
incapsula.com
GlobalSign CloudSSL CA - SHA256 - G3		 2020-01-31 -
2021-01-31		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-05-14 -
2020-08-05		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
*.volksstimme.de
COMODO RSA Domain Validation Secure Server CA		 2017-10-23 -
2021-01-20		 3 years crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-06-08 -
2021-04-17		 10 months crt.sh
*.plista.com
COMODO RSA Domain Validation Secure Server CA		 2020-06-02 -
2022-04-11		 2 years crt.sh
www.google.de
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Frame ID: 1C06C53355A28E495945B93D082134D9
Requests: 46 HTTP requests in this frame

Frame: https://row.volksstimme.de/www/delivery/afr.php?zoneid=1&cb=INSERT_RANDOM_NUMBER_HERE
Frame ID: 304FF9B19905F185D971E50900EB3C15
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

48
Requests

100 %
HTTPS

65 %
IPv6

14
Domains

17
Subdomains

15
IPs

5
Countries

595 kB
Transfer

1709 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-31118474-4&cid=2043586749.1591695222&jid=100120337&gjid=249719376&_gid=1978361597.1591695222&_u=aGBAgAAj~&z=1901788404 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31118474-4&cid=2043586749.1591695222&jid=100120337&_v=j82&z=1901788404 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31118474-4&cid=2043586749.1591695222&jid=100120337&_v=j82&z=1901788404&slf_rd=1&random=802360088
Request Chain 33
  • https://secure.adnxs.com/getuid?https%3A%2F%2Ffarm.plista.com%2Fmatching%2Fpixel%2F%3Fssp%3Dc3de%26dsp_user_id%3D$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ffarm.plista.com%252Fmatching%252Fpixel%252F%253Fssp%253Dc3de%2526dsp_user_id%253D%24UID HTTP 302
  • https://farm.plista.com/matching/pixel/?ssp=c3de&dsp_user_id=5751152146879487830

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request dax-marschiert-richtung-13.000-punkte
www.volksstimme.de/wirtschaft/ 		52 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ff07a11b312a6664e2b477092b35f885e8f78399d0fa8cfec918bc8b479fc617

Request headers

:method
GET
:authority
www.volksstimme.de
:scheme
https
:path
/wirtschaft/dax-marschiert-richtung-13.000-punkte
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
404
age
0
cache-control
max-age=360
content-encoding
gzip
content-type
text/html; charset=windows-1252
date
Tue, 09 Jun 2020 09:33:47 GMT
expires
Tue, 09 Jun 2020 09:38:43 GMT
last-modified
Tue, 09 Jun 2020 09:33:43 GMT
servedby
ND5-d-web-01.ncseufr1.loc
server
Microsoft-IIS/7.5
vary
X-UA,User-Agent
x-actual-url
ND5-D-WEB-01, (/wirtschaft/dax-marschiert-richtung-13.000-punkte)
x-cache
MISS-Varnish
x-forwarded-for
185.217.171.12, 149.126.75.3, 100.103.12.129, 100.103.12.129
x-handled-by
ND5-D-WEB-01, Rewrite on site MA
x-original-request
/wirtschaft/dax-marschiert-richtung-13.000-punkte
x-pass-through
NCS-AWS
x-passed-to
ND5-D-WEB-01, URL Rewrite on site MA (2020-06-09 11:33:43:158)
x-passed-to-beforedispatch
ND5-D-WEB-01, on site MA (2020-06-09 11:33:43:190)
x-passed-to-dll
ND5-D-WEB-01, (2020-06-09 11:33:43:190)
x-passed-to-postprocessresponse
ND5-D-WEB-01, on site MA (2020-06-09 11:33:43:299)
x-powered-by
ASP.NET
x-returned-from
ND5-D-WEB-01(2020-06-09 11:33:43:299)
x-returned-from-beforedispatch
ND5-D-WEB-01, on site MA (2020-06-09 11:33:43:236)
x-returned-from-dll
ND5-D-WEB-01 (2020-06-09 11:33:43:299)
x-returned-from-postprocessresponse
ND5-D-WEB-01, on site MA (2020-06-09 11:33:43:299)
x-served-by
ip-100-103-13-175.ncseufr1.loc
x-stale
false
x-ua-device
pc
x-varnish
568619846
x-varnish-beresp-grace
43200.000
x-varnish-beresp-status
404
x-varnish-beresp-ttl
360.000
set-cookie
visid_incap_1832326=zcX6NtLRR8KT0DCQHz9xJXRX314AAAAAQUIPAAAAAAAJdEwH8EE7MTasR21sricK; expires=Wed, 09 Jun 2021 06:41:33 GMT; HttpOnly; path=/; Domain=.volksstimme.de nlbi_1832326=2oZsTV5TgRJVU5BPqLU4iAAAAAC43630CyifRfU/84p845DU; path=/; Domain=.volksstimme.de incap_ses_281_1832326=HLstDfZJ5DUwRS0gL1DmA3VX314AAAAAi44ZzWOEKqIMr0a7u7PjAA==; path=/; Domain=.volksstimme.de
x-cdn
Incapsula
x-iinfo
8-36755727-36755728 NNNY CT(0 0 0) RT(1591695220893 0) q(0 0 0 0) r(2 2) U5
css
fonts.googleapis.com/ 		3 KB
585 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Titillium+Web:400,500,600,700
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
65cb1ac9605e806ca6e843bac1c7323087544f5b0656cdb39a174d756e570927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Jun 2020 09:33:41 GMT
server
ESF
date
Tue, 09 Jun 2020 09:33:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Jun 2020 09:33:41 GMT
all.css
www.volksstimme.de/css/css-sass/ 		88 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.volksstimme.de/css/css-sass/all.css?date=20180907-v2
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
712ba18c7146718be41e6dbbee65478d330d52e8928d8e7b412fdd89dcb426b2

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:47 GMT
content-encoding
gzip
x-cdn
Incapsula
age
667
x-powered-by
ASP.NET
x-cache
HIT-Varnish
status
200
x-iinfo
8-36755745-36755728 PNNy RT(1591695221078 0) q(0 0 0 -1) r(0 0) U5
x-ua-device
pc
x-cache-hits
748
servedby
ND5-d-web-03.ncseufr1.loc
content-length
22901
x-pass-through
NCS-AWS
x-varnish-beresp-ttl
1440.000
last-modified
Fri, 07 Sep 2018 11:33:22 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-cachereason
Static
etag
"23e219959e46d41:0"
x-served-by
ip-100-103-13-175.ncseufr1.loc
vary
X-UA,Accept-Encoding, User-Agent
x-varnish
568619888 568397870
cache-control
public, max-age=1440
x-stale
true
accept-ranges
bytes
content-type
text/css
x-varnish-beresp-grace
43200.000
jquery-2.1.1.min.js
www.volksstimme.de/js/ 		82 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.volksstimme.de/js/jquery-2.1.1.min.js
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
724be727af2c6bb7535a932ee836aa242efa1fff255a275b3be6c980b2c0d3e6

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:47 GMT
content-encoding
gzip
x-cdn
Incapsula
age
909
x-powered-by
ASP.NET
x-cache
HIT-Varnish
status
200
x-iinfo
8-36755746-36755747 NNNY CT(0 0 0) RT(1591695221081 0) q(0 0 0 -1) r(0 1) U5
x-ua-device
pc
x-cache-hits
4
servedby
ND5-d-web-01.ncseufr1.loc
content-length
37696
x-pass-through
NCS-AWS
x-varnish-beresp-ttl
1440.000
last-modified
Wed, 08 Oct 2014 09:17:12 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-cachereason
Static
etag
"01ca3a4d8e2cf1:0"
x-served-by
ip-100-103-13-175.ncseufr1.loc
vary
X-UA,Accept-Encoding, User-Agent
x-varnish
568619889 568324281
cache-control
public, max-age=1440
x-stale
true
accept-ranges
bytes
content-type
application/x-javascript
x-varnish-beresp-grace
43200.000
custom.js
www.volksstimme.de/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.volksstimme.de/js/custom.js?date=20180907-v2
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
7b2f0f417c9c110714510ab3dd0b09c52b467fbe527ef50c6e8240fcaa5c5944

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:47 GMT
content-encoding
gzip
x-cdn
Incapsula
age
666
x-powered-by
ASP.NET
x-cache
HIT-Varnish
status
200
x-iinfo
8-36755748-36755749 NNNY CT(0 0 0) RT(1591695221082 0) q(0 0 0 -1) r(0 0) U5
x-ua-device
pc
x-cache-hits
635
servedby
ND5-d-web-04.ncseufr1.loc
content-length
2759
x-pass-through
NCS-AWS
x-varnish-beresp-ttl
1440.000
last-modified
Tue, 21 Jul 2015 08:37:22 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-cachereason
Static
etag
"08d3a7690c3d01:0"
x-served-by
ip-100-103-13-175.ncseufr1.loc
vary
X-UA,Accept-Encoding, User-Agent
x-varnish
568619890 568398383
cache-control
public, max-age=1440
x-stale
true
accept-ranges
bytes
content-type
application/x-javascript
x-varnish-beresp-grace
43200.000
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cfd819fbd75277ef9c79698e0f96ba2d6a46d1453a7b625f7e4d5d9551322ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:41 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1420117
status
200
alt-svc
h3-27=":443"; ma=86400
cf-request-id
033a06ba190000c2724ea11200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:18:32 GMT
server
cloudflare
etag
W/"5afd48e8-1207"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5a09da3cf9a0c272-FRA
expires
Sun, 30 May 2021 09:33:41 GMT
logo_azubis_de.png
www.volksstimme.de/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.volksstimme.de/images/logo_azubis_de.png
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
1e4fb030db0b427caca763d99fc46470f470142db23a150f67f0527aded9030e

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:47 GMT
x-cdn
Incapsula
age
666
x-powered-by
ASP.NET
x-cache
HIT-Varnish
status
200
x-iinfo
8-36755756-36755747 PNNy RT(1591695221124 0) q(0 0 0 -1) r(0 0) U5
x-ua-device
pc
x-cache-hits
617
servedby
ND5-d-web-03.ncseufr1.loc
content-length
5619
x-pass-through
NCS-AWS
x-varnish-beresp-ttl
1440.000
last-modified
Fri, 05 Feb 2016 14:21:34 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-cachereason
Static
etag
"64e51a842060d11:0"
x-served-by
ip-100-103-13-175.ncseufr1.loc
vary
X-UA,User-Agent
x-varnish
568619899 568398403
cache-control
public, max-age=1440
x-stale
true
accept-ranges
bytes
content-type
image/png
x-varnish-beresp-grace
43200.000
logo_biber_ticket.png
www.volksstimme.de/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.volksstimme.de/images/logo_biber_ticket.png
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
1497a601d492bc7fd4d0822c52f82243bad8be1b845f61df399debd3f24dad85

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:47 GMT
x-cdn
Incapsula
age
666
x-powered-by
ASP.NET
x-cache
HIT-Varnish
status
200
x-iinfo
8-36755759-36755749 PNNy RT(1591695221132 0) q(0 0 0 -1) r(0 0) U5
x-ua-device
pc
x-cache-hits
608
servedby
ND5-d-web-05.ncseufr1.loc
content-length
5814
x-pass-through
NCS-AWS
x-varnish-beresp-ttl
1440.000
last-modified
Fri, 05 Feb 2016 14:19:24 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-cachereason
Static
etag
"f231b1362060d11:0"
x-served-by
ip-100-103-13-175.ncseufr1.loc
vary
X-UA,User-Agent
x-varnish
568619901 568398391
cache-control
public, max-age=1440
x-stale
true
accept-ranges
bytes
content-type
image/png
x-varnish-beresp-grace
43200.000
logo_biber_post.png
www.volksstimme.de/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.volksstimme.de/images/logo_biber_post.png
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ea0aeee351f9da3108682038b2a4c3569c9b2607aea75807cf108b31efad24e1

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:47 GMT
x-cdn
Incapsula
age
666
x-powered-by
ASP.NET
x-cache
HIT-Varnish
status
200
x-iinfo
8-36755761-36755749 PNNy RT(1591695221149 0) q(0 0 0 -1) r(0 0) U5
x-ua-device
pc
x-cache-hits
610
servedby
ND5-d-web-01.ncseufr1.loc
content-length
5503
x-pass-through
NCS-AWS
x-varnish-beresp-ttl
1440.000
last-modified
Fri, 05 Feb 2016 14:16:30 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-cachereason
Static
etag
"ec3dd7ce1f60d11:0"
x-served-by
ip-100-103-13-175.ncseufr1.loc
vary
X-UA,User-Agent
x-varnish
568619903 568398392
cache-control
public, max-age=1440
x-stale
true
accept-ranges
bytes
content-type
image/png
x-varnish-beresp-grace
43200.000
logo-mediengruppe.png
www.volksstimme.de/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.volksstimme.de/images/logo-mediengruppe.png
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
200be8d0883ec1f25660ae65d69a248bb57d87802ab31d99aaa139b1b86011b0

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:47 GMT
x-cdn
Incapsula
age
666
x-powered-by
ASP.NET
x-cache
HIT-Varnish
status
200
x-iinfo
8-36755762-36755747 PNNy RT(1591695221150 0) q(0 0 0 -1) r(0 0) U5
x-ua-device
pc
x-cache-hits
614
servedby
ND5-d-web-02.ncseufr1.loc
content-length
3146
x-pass-through
NCS-AWS
x-varnish-beresp-ttl
1440.000
last-modified
Mon, 23 Jul 2018 07:28:13 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-cachereason
Static
etag
"80e4ccb65622d41:0"
x-served-by
ip-100-103-13-175.ncseufr1.loc
vary
X-UA,User-Agent
x-varnish
568619904 568398393
cache-control
public, max-age=1440
x-stale
true
accept-ranges
bytes
content-type
image/png
x-varnish-beresp-grace
43200.000
Logo-Volksstimme.png
www.volksstimme.de/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.volksstimme.de/images/Logo-Volksstimme.png
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
02205e4a7231e15cb24ac3dfb34b4b2d1b315adba3ee076536ce0be1052f0254

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:47 GMT
x-cdn
Incapsula
age
666
x-powered-by
ASP.NET
x-cache
HIT-Varnish
status
200
x-iinfo
8-36755763-36755728 PNNy RT(1591695221150 0) q(0 0 0 -1) r(0 0) U5
x-ua-device
pc
x-cache-hits
631
servedby
ND5-d-web-04.ncseufr1.loc
content-length
16597
x-pass-through
NCS-AWS
x-varnish-beresp-ttl
1440.000
last-modified
Fri, 05 Feb 2016 14:03:36 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-cachereason
Static
etag
"6016aa11e60d11:0"
x-served-by
ip-100-103-13-175.ncseufr1.loc
vary
X-UA,User-Agent
x-varnish
568619905 568398406
cache-control
public, max-age=1440
x-stale
true
accept-ranges
bytes
content-type
image/png
x-varnish-beresp-grace
43200.000
_Incapsula_Resource
www.volksstimme.de/ 		119 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.volksstimme.de/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1527162531
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
/
Resource Hash
cb0dd2f6cc1a021f68a7b43d225f8f11bb1251bfee2fd70e5b4bd45a86afc4e9

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-encoding
gzip
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
17348
content-type
application/javascript
gtm.js
www.googletagmanager.com/ 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NKSNV3
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c8f825cc7eba70e1eebd3fa5965894e2c873faeca99a5572d2524ca99c6938b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:41 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47622
x-xss-protection
0
last-modified
Tue, 09 Jun 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Jun 2020 09:33:41 GMT
fbevents.js
connect.facebook.net/en_US/ 		131 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
31766
x-xss-protection
0
pragma
public
x-fb-debug
SKHEUhCCpKmmAIWzXA00r8ZbQVD7sW5OZL76pj6bD3G1DHeH8ZPgZVockFJQM3JqfITd+QPdvWTTP7EMGDY5wg==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Tue, 09 Jun 2020 09:33:41 GMT, Tue, 09 Jun 2020 09:33:41 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzY5abuWI.woff2
fonts.gstatic.com/s/titilliumweb/v8/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v8/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzY5abuWI.woff2
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/js/jquery-2.1.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd6f4900abc2da200ad96c75852facfd8872610ce9dd259acf3cc82507490dd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Titillium+Web:400,500,600,700
Origin
https://www.volksstimme.de

Response headers

date
Sun, 17 May 2020 05:18:45 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:24:58 GMT
server
sffe
age
2002496
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11744
x-xss-protection
0
expires
Mon, 17 May 2021 05:18:45 GMT
vs-iconfont.woff
www.volksstimme.de/fonts/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.volksstimme.de/fonts/vs-iconfont.woff?-4756xh
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/js/jquery-2.1.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
e431dce564803144674ce087c5341b48895872fe971b1d80bda38e1111692b58

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Origin
https://www.volksstimme.de

Response headers

date
Tue, 09 Jun 2020 09:33:47 GMT
content-encoding
gzip
x-cdn
Incapsula
age
17
x-powered-by
ASP.NET
x-cache
HIT-Varnish
status
200
x-iinfo
8-36755765-36755766 NNYY CT(0 0 0) RT(1591695221156 0) q(0 0 0 -1) r(0 0) U5
x-ua-device
pc
x-cache-hits
11
servedby
ND5-d-web-01.ncseufr1.loc
x-pass-through
NCS-AWS
x-varnish-beresp-ttl
120.000
last-modified
Fri, 01 Jun 2018 09:26:00 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
etag
"084948d8af9d31:0"
x-served-by
ip-100-103-13-175.ncseufr1.loc
vary
X-UA,User-Agent
x-varnish
568619906 568615118
x-stale
true
accept-ranges
bytes
content-type
application/font-woff
x-varnish-beresp-grace
43200.000
afr.php
row.volksstimme.de/www/delivery/ Frame 304F 		1 KB
971 B 		Document
General
Check archive.org
Download Go to
Full URL
https://row.volksstimme.de/www/delivery/afr.php?zoneid=1&cb=INSERT_RANDOM_NUMBER_HERE
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.138.84.238 , Germany, ASN34895 (HOSTNET-DE-AS, DE),
Reverse DNS
becuzi.han-solo.net
Software
Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /
Resource Hash
a5d62d80e4140bd53c86be97c0677eb76fd68876c3e44b0073ba2ca2d1199041
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
row.volksstimme.de
:scheme
https
:path
/www/delivery/afr.php?zoneid=1&cb=INSERT_RANDOM_NUMBER_HERE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
visid_incap_1832326=zcX6NtLRR8KT0DCQHz9xJXRX314AAAAAQUIPAAAAAAAJdEwH8EE7MTasR21sricK; nlbi_1832326=2oZsTV5TgRJVU5BPqLU4iAAAAAC43630CyifRfU/84p845DU; incap_ses_281_1832326=HLstDfZJ5DUwRS0gL1DmA3VX314AAAAAi44ZzWOEKqIMr0a7u7PjAA==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte

Response headers

status
200
date
Tue, 09 Jun 2020 09:33:41 GMT
server
Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
pragma
no-cache
cache-control
no-cache, no-store, must-revalidate max-age=0, private, no-store, no-cache, must-revalidate
expires
0
access-control-allow-origin
*
p3p
CP="CUR ADM OUR NOR STA NID"
set-cookie
OAID=c16624497e9889b5ff02364cddccae79; expires=Wed, 09-Jun-2021 09:33:41 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=15768000
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-type
text/html; charset=UTF-8
js.cookie.min.js
cdn.jsdelivr.net/npm/js-cookie@2/src/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKSNV3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
26261
x-cache
HIT, HIT
status
200
content-length
1062
etag
W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
x-served-by
cache-fra19178-FRA, cache-hhn4023-HHN
date
Tue, 09 Jun 2020 09:33:41 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
1734066336856104
connect.facebook.net/signals/config/ 		516 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1734066336856104?v=2.9.18&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
284eab4f95b1ac08ff9d6b609ef0f6672ca27f83b0060ce2dc1ed7ac0ddf7d5a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
131691
x-xss-protection
0
pragma
public
x-fb-debug
ZJ/rCiae6pEH0wSzoJc1pn0T6b9bFuX5frKJE5fWOKX+lxB20nUUXCNXpkNA9mmjfrpXg6/Pg88LkP7aAbuIUA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Tue, 09 Jun 2020 09:33:41 GMT, Tue, 09 Jun 2020 09:33:41 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKSNV3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
2242
date
Tue, 09 Jun 2020 08:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Tue, 09 Jun 2020 10:56:19 GMT
MA153310.JPG
www.volksstimme.de/assets/jpg/ Frame 304F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.volksstimme.de/assets/jpg/MA153310.JPG
Requested by
Host: row.volksstimme.de
URL: https://row.volksstimme.de/www/delivery/afr.php?zoneid=1&cb=INSERT_RANDOM_NUMBER_HERE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
378252f91edbbdc4d79309d1cdd3b95951e4f748c3ba33dfe48f43ae6e23f4f2

Request headers

Referer
https://row.volksstimme.de/www/delivery/afr.php?zoneid=1&cb=INSERT_RANDOM_NUMBER_HERE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:47 GMT
x-cdn
Incapsula
age
665
x-powered-by
ASP.NET
x-cache
HIT-Varnish
status
200
x-iinfo
8-36755808-36755766 PNNy RT(1591695221403 0) q(0 0 0 -1) r(0 0) U5
x-ua-device
pc
x-cache-hits
494
servedby
ND5-d-web-03.ncseufr1.loc
content-length
7323
x-pass-through
NCS-AWS
x-varnish-beresp-ttl
1440.000
last-modified
Thu, 12 Mar 2015 12:10:50 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-cachereason
Static
etag
"b86c6e94bd5cd01:0"
x-served-by
ip-100-103-13-175.ncseufr1.loc
vary
X-UA,User-Agent
x-varnish
568619966 568398724
cache-control
public, max-age=1440
x-stale
true
accept-ranges
bytes
content-type
image/jpeg
x-varnish-beresp-grace
43200.000
lg.php
row.volksstimme.de/www/delivery/ Frame 304F 		43 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://row.volksstimme.de/www/delivery/lg.php?bannerid=1&campaignid=1&zoneid=1&loc=https%3A%2F%2Fwww.volksstimme.de%2Fwirtschaft%2Fdax-marschiert-richtung-13.000-punkte&cb=e248bf9760
Requested by
Host: row.volksstimme.de
URL: https://row.volksstimme.de/www/delivery/afr.php?zoneid=1&cb=INSERT_RANDOM_NUMBER_HERE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.138.84.238 , Germany, ASN34895 (HOSTNET-DE-AS, DE),
Reverse DNS
becuzi.han-solo.net
Software
Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://row.volksstimme.de/www/delivery/afr.php?zoneid=1&cb=INSERT_RANDOM_NUMBER_HERE
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jun 2020 09:33:41 GMT
content-encoding
gzip
server
Apache/2.4.41 (FreeBSD) OpenSSL/1.0.2s mod_fcgid/2.3.9
status
200
vary
Accept-Encoding,User-Agent
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0, private, no-store, no-cache, must-revalidate
strict-transport-security
max-age=15768000
content-type
image/gif
expires
0
async.js
static.plista.com/ 		62 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.plista.com/async.js
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.63.231 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.231.63.99.88.clients.your-server.de
Software
nginx /
Resource Hash
c3284ebec48712a73e6bf555c05142bc13ca9322a40a09677a90feb5411bf739
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-plista-versions
plista-plugin- libplista-php-0.0.0
date
Tue, 09 Jun 2020 09:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
556
x-plista-node
plista852
status
200
content-length
16643
last-modified
Tue, 09 Jun 2020 09:24:23 GMT
server
nginx
vary
Accept-Encoding
x-varnish
844064835 844467933
via
1.1 varnish-v4
cache-control
public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
expires
Wed, 10 Jun 2020 09:24:24 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 08:34:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
3545
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Tue, 09 Jun 2020 09:34:36 GMT
_Incapsula_Resource
www.volksstimme.de/ 		1 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.volksstimme.de/_Incapsula_Resource?SWKMTFSR=1&e=0.01740209885639321
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
MA3722319.PNG
www.volksstimme.de/assets/pdf/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.volksstimme.de/assets/pdf/MA3722319.PNG
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
70b92ec268821dc813209c3ebe03f44338256f45e8886b43e04d0ad582eef291

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:48 GMT
x-cdn
Incapsula
age
653
x-powered-by
ASP.NET
x-cache
HIT-Varnish
status
200
x-iinfo
8-36755843-36755766 PNNy RT(1591695221684 0) q(0 0 0 -1) r(0 0) U5
x-ua-device
pc
x-cache-hits
342
servedby
ND5-d-web-05.ncseufr1.loc
content-length
10174
x-pass-through
NCS-AWS
x-varnish-beresp-ttl
1440.000
last-modified
Thu, 19 Mar 2020 08:49:13 GMT
server
Microsoft-IIS/7.5
x-varnish-beresp-status
200
x-cachereason
Static
etag
"75abc44cbfdd51:0"
x-served-by
ip-100-103-13-175.ncseufr1.loc
vary
X-UA,User-Agent
x-varnish
568620052 568403761
cache-control
public, max-age=1440
x-stale
true
accept-ranges
bytes
content-type
image/png
x-varnish-beresp-grace
43200.000
/
www.facebook.com/tr/ 		44 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1734066336856104&ev=PageView&dl=https%3A%2F%2Fwww.volksstimme.de%2Fwirtschaft%2Fdax-marschiert-richtung-13.000-punkte&rl=&if=false&ts=1591695221906&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1591695221904.592684743&it=1591695221574&coo=false&rqm=GET
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:41 GMT, Tue, 09 Jun 2020 09:33:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Tue, 09 Jun 2020 09:33:41 GMT
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j82&aip=1&a=1317331589&t=pageview&_s=1&dl=https%3A%2F%2Fwww.volksstimme.de%2Fwirtschaft%2Fdax-marschiert-richtung-13.000-punkte&ul=en-us&de=windows-1252&dt=Volksstimme.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAj~&jid=100120337&gjid=249719376&cid=2043586749.1591695222&tid=UA-31118474-4&_gid=1978361597.1591695222&gtm=2wg5r0NKSNV3&cd2=Non-AMP&cd5=Volksstimme%20Magdeburg&cd7=0&cd10=2020-06-09T11%3A33%3A41.587%2B02%3A00&cd9=2043586749.1591695222&z=1718916852
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 19:27:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2124398
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-31118474-4&cid=2043586749.1591695222&jid=100120337&gjid=249719376&_gid=1978361597.1591695222&_u=aGBAgAAj~&z=1901788404
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31118474-4&cid=2043586749.1591695222&jid=100120337&_v=j82&z=1901788404
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31118474-4&cid=2043586749.1591695222&jid=100120337&_v=j82&z=1901788404&slf_rd=1&random=802360088
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31118474-4&cid=2043586749.1591695222&jid=100120337&_v=j82&z=1901788404&slf_rd=1&random=802360088
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jun 2020 09:33:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Jun 2020 09:33:41 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31118474-4&cid=2043586749.1591695222&jid=100120337&_v=j82&z=1901788404&slf_rd=1&random=802360088
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/webp
be0ae6eea3e82b0c0bfe1bf9d2e032339bf49fc4.js
static.plista.com/async/pub/ 		109 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.plista.com/async/pub/be0ae6eea3e82b0c0bfe1bf9d2e032339bf49fc4.js
Requested by
Host: static.plista.com
URL: https://static.plista.com/async.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.63.231 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.231.63.99.88.clients.your-server.de
Software
nginx /
Resource Hash
563ebbc59e2df3b857a04c92d1d32e2f1e834af22c3d6615002a2b4e6498d088
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Jun 2020 09:26:12 GMT
server
nginx
age
448
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, must-revalidate, proxy-revalidate
x-varnish
844416271 844346784
accept-ranges
bytes
content-length
8961
via
1.1 varnish-v4
expires
Wed, 10 Jun 2020 09:26:13 GMT
async_lib.js
farm.plista.com/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://farm.plista.com/async_lib.js?json=%7B%22name%22%3A%22PLISTA_%5B0%5D%22%2C%22publickey%22%3A%22be0ae6eea3e82b0c0bfe1bf9d2e032339bf49fc4%22%2C%22rev%22%3A1591621686%2C%22req%22%3A%5B%5B%22widgetload%22%2C%7B%22widgets%22%3A%5B%22underArticle%22%5D%2C%22ab%22%3A0%2C%22vo%22%3Atrue%2C%22pm%22%3Atrue%2C%22sc%22%3A%221600x1200%22%2C%22px%22%3A1%2C%22vs%22%3A%220.10.5%22%2C%22ww%22%3A1600%2C%22wb%22%3Atrue%7D%5D%5D%7D&x=1591695222027
Requested by
Host: static.plista.com
URL: https://static.plista.com/async.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.9.103.51 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.51.103.9.176.clients.your-server.de
Software
nginx /
Resource Hash
89b5fa951a58f3e7ead7963a991f1fabcf0ed50568e85618038b8b04a781d9ba

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jun 2020 09:33:42 GMT
content-encoding
gzip
last-modified
Tue, 09 Jun 2020 09:33:42 GMT
server
nginx
p3p
policyref="https://www.plista.com/w3c/p3p.xml", CP="CAO DSP COR TAIa PSAa PSDa IVAi IVDi CONi HISa OUR IND PHY ONL UNI COM NAV INT DEM STA PRE"
status
200
cache-control
no-cache, must-revalidate
content-type
application/javascript; charset=utf-8
content-length
5932
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1734066336856104&ev=Microdata&dl=https%3A%2F%2Fwww.volksstimme.de%2Fwirtschaft%2Fdax-marschiert-richtung-13.000-punkte&rl=&if=false&ts=1591695222409&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Volksstimme.de%22%2C%22meta%3Adescription%22%3A%22Aktuelle%20Nachrichten%2C%20Anzeigen%2C%20Angebote%2C%20Mehrwertdienste%2C%20interaktive%20Inhalte%20der%20regionalen%20Tageszeitung%20Volksstimme%20im%20n%C3%B6rdlichen%20Sachsen-Anhalt.%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A16%2C%22w%22%3A940%7D%2C%22properties%22%3A%7B%22url%22%3A%22%22%2C%22title%22%3A%22404-Fehler%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fdata-vocabulary.org%2FBreadcrumb%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1591695221904.592684743&it=1591695221574&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:42 GMT, Tue, 09 Jun 2020 09:33:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Tue, 09 Jun 2020 09:33:42 GMT
0.10.5.js
static.plista.com/async/min/ast,highimpact/ 		98 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.plista.com/async/min/ast,highimpact/0.10.5.js
Requested by
Host: static.plista.com
URL: https://static.plista.com/async.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.63.231 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.231.63.99.88.clients.your-server.de
Software
nginx /
Resource Hash
7f2d3b9e041dd4ad347335f730c0fe8c1923e309a8b4dc5fafe75ccabc03a6c4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Jun 2020 09:25:10 GMT
server
nginx
age
510
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, must-revalidate, proxy-revalidate
x-varnish
843639256 843965599
accept-ranges
bytes
content-length
23877
via
1.1 varnish-v4
expires
Wed, 10 Jun 2020 09:25:11 GMT
/
farm.plista.com/matching/pixel/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Ffarm.plista.com%2Fmatching%2Fpixel%2F%3Fssp%3Dc3de%26dsp_user_id%3D$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ffarm.plista.com%252Fmatching%252Fpixel%252F%253Fssp%253Dc3de%2526dsp_user_id%253D%24UID
  • https://farm.plista.com/matching/pixel/?ssp=c3de&dsp_user_id=5751152146879487830
35 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://farm.plista.com/matching/pixel/?ssp=c3de&dsp_user_id=5751152146879487830
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.9.103.51 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.51.103.9.176.clients.your-server.de
Software
nginx /
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Tue, 09 Jun 2020 09:33:42 GMT
content-encoding
gzip
server
nginx
content-type
image/gif
content-length
51
p3p
policyref="https://www.plista.com/w3c/p3p.xml", CP="CAO DSP COR TAIa PSAa PSDa IVAi IVDi CONi HISa OUR IND PHY ONL UNI COM NAV INT DEM STA PRE"

Redirect headers

Pragma
no-cache
Date
Tue, 09 Jun 2020 09:33:44 GMT
X-Proxy-Origin
185.217.171.12; 185.217.171.12; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.39:80
AN-X-Request-Uuid
529deed1-3419-4fc4-8841-d6effda304e0
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://farm.plista.com/matching/pixel/?ssp=c3de&dsp_user_id=5751152146879487830
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
NaPecZTIAOhVxoMyOr9n_E7fdMPmDaZRbrw.woff2
fonts.gstatic.com/s/titilliumweb/v8/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v8/NaPecZTIAOhVxoMyOr9n_E7fdMPmDaZRbrw.woff2
Requested by
Host: static.plista.com
URL: https://static.plista.com/async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd1dad45fd0dd168ad46427307aa8a206b857b783ca3afbcfe2bc8b8724acec0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Titillium+Web:400,500,600,700
Origin
https://www.volksstimme.de

Response headers

date
Mon, 18 May 2020 19:35:06 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:24:34 GMT
server
sffe
age
1864716
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12344
x-xss-protection
0
expires
Tue, 18 May 2021 19:35:06 GMT
1.png
static.plista.com/image/adchoices/de/13/119,119,119/0/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.plista.com/image/adchoices/de/13/119,119,119/0/1.png
Requested by
Host: static.plista.com
URL: https://static.plista.com/async.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.63.231 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.231.63.99.88.clients.your-server.de
Software
nginx /
Resource Hash
76ceb9b46c9787fba45d74064ac8e7ea819b8cfe3060d11a0c9cea3706f4575f

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:42 GMT
via
1.1 varnish-v4
last-modified
Mon, 08 Jun 2020 13:57:37 GMT
server
nginx
age
70564
content-type
Content-type: image/png; charset=utf-8
status
200
cache-control
public, must-revalidate, proxy-revalidate
x-varnish
844064873 831958692
accept-ranges
bytes
content-length
1148
expires
Wed, 08 Jul 2020 13:57:38 GMT
https%3A%2F%2Fwww.volksstimme.de%2Fstoryimage%2FMA%2F20200603%2FARTIKEL%2F200609708%2FAR%2F0%2FAR-200609708.jpg%26MaxW%3D505%26ImageVersion%3Ddefault
media.plista.com/e-ASY-W5jz7cirba4Gxk9f6C5C4=/320x240/smart/filters:format(webp):quality(85)/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.plista.com/e-ASY-W5jz7cirba4Gxk9f6C5C4=/320x240/smart/filters:format(webp):quality(85)/https%3A%2F%2Fwww.volksstimme.de%2Fstoryimage%2FMA%2F20200603%2FARTIKEL%2F200609708%2FAR%2F0%2FAR-200609708.jpg%26MaxW%3D505%26ImageVersion%3Ddefault
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
bcd8bbe61f68fad184cacd64a831558006c02ce8217d335ab5944ba0ba07a705

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:43 GMT
server
NetDNA-cache/2.2
etag
"acf9c4459a4d2550a3beec7f168b3839b2f2a837"
x-cache
MISS
content-type
image/webp
status
200
cache-control
max-age=2592000,public
content-length
12910
plista-status
Success
expires
Thu, 09 Jul 2020 09:33:43 GMT
https%3A%2F%2Fwww.volksstimme.de%2Fstoryimage%2FMA%2F20200605%2FARTIKEL%2F200609180%2FAR%2F0%2FAR-200609180.jpg%26MaxW%3D505%26ImageVersion%3Ddefault
media.plista.com/XPAKz1_kIMdxi6rd-wzH3-nyu7c=/320x240/smart/filters:format(webp):quality(85)/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.plista.com/XPAKz1_kIMdxi6rd-wzH3-nyu7c=/320x240/smart/filters:format(webp):quality(85)/https%3A%2F%2Fwww.volksstimme.de%2Fstoryimage%2FMA%2F20200605%2FARTIKEL%2F200609180%2FAR%2F0%2FAR-200609180.jpg%26MaxW%3D505%26ImageVersion%3Ddefault
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
d1813d4d78e81c55ccfac6711f7b0367f9767644c33bae6a5832f5a5e3b282b2

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:42 GMT
server
NetDNA-cache/2.2
etag
"d9bff5b7ad5c15d06935fd574a4054e205bc89a4"
x-cache
HIT
content-type
image/webp
status
200
cache-control
max-age=2592000,public
content-length
16304
plista-status
Success
expires
Sun, 05 Jul 2020 14:37:13 GMT
https%3A%2F%2Fwww.volksstimme.de%2Fstoryimage%2FMA%2F20200602%2FARTIKEL%2F200609875%2FAR%2F0%2FAR-200609875.jpg%26MaxW%3D505%26ImageVersion%3Ddefault
media.plista.com/-BzwGOP24d6Qnr9BivJVzJmhpEU=/320x240/smart/filters:format(webp):quality(85)/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.plista.com/-BzwGOP24d6Qnr9BivJVzJmhpEU=/320x240/smart/filters:format(webp):quality(85)/https%3A%2F%2Fwww.volksstimme.de%2Fstoryimage%2FMA%2F20200602%2FARTIKEL%2F200609875%2FAR%2F0%2FAR-200609875.jpg%26MaxW%3D505%26ImageVersion%3Ddefault
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
126e21d5cfa000895dfa6e2f841c1a83aea61cf108007e565a88ee0a88aed086

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:42 GMT
server
NetDNA-cache/2.2
etag
"77aa20880e25ff60551448486dd046120e47d149"
x-cache
HIT
content-type
image/webp
status
200
cache-control
max-age=2592000,public
content-length
24684
plista-status
Success
expires
Thu, 02 Jul 2020 09:23:33 GMT
https%3A%2F%2Fwww.volksstimme.de%2Fstoryimage%2FMA%2F20200606%2FARTIKEL%2F200609132%2FAR%2F0%2FAR-200609132.jpg%26MaxW%3D505%26ImageVersion%3Ddefault
media.plista.com/RW9q-uWsZMTkSMz-kBLN09qoLYo=/320x240/smart/filters:format(webp):quality(85)/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.plista.com/RW9q-uWsZMTkSMz-kBLN09qoLYo=/320x240/smart/filters:format(webp):quality(85)/https%3A%2F%2Fwww.volksstimme.de%2Fstoryimage%2FMA%2F20200606%2FARTIKEL%2F200609132%2FAR%2F0%2FAR-200609132.jpg%26MaxW%3D505%26ImageVersion%3Ddefault
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
8ae13f0a8bd15abde62e848b7c05fb9cf09a0c224458a07ed6170b006d3f960d

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:42 GMT
server
NetDNA-cache/2.2
etag
"76548a7207dc42c226ce3d4fa7c5ea43185cce51"
x-cache
HIT
content-type
image/webp
status
200
cache-control
max-age=2592000,public
content-length
19992
plista-status
Success
expires
Sun, 05 Jul 2020 22:19:41 GMT
https%3A%2F%2Fwww.volksstimme.de%2Fstoryimage%2FMA%2F20200605%2FDPA%2F306059994%2FAR%2F0%2FAR-306059994.jpg%26MaxW%3D505%26ImageVersion%3Ddefault
media.plista.com/QUcLzJWqeP2iYq6Z9p1bxU_W7gA=/320x240/smart/filters:format(webp):quality(85)/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.plista.com/QUcLzJWqeP2iYq6Z9p1bxU_W7gA=/320x240/smart/filters:format(webp):quality(85)/https%3A%2F%2Fwww.volksstimme.de%2Fstoryimage%2FMA%2F20200605%2FDPA%2F306059994%2FAR%2F0%2FAR-306059994.jpg%26MaxW%3D505%26ImageVersion%3Ddefault
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
6d84f71a7ff2ac9d4c3b4d6109408992f5d4e3a25da1d29e62324e2012215ca7

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:42 GMT
server
NetDNA-cache/2.2
etag
"a3fbb49318cfb0dfd10891e7d03720274935a1d7"
x-cache
HIT
content-type
image/webp
status
200
cache-control
max-age=2592000,public
content-length
18098
plista-status
Success
expires
Thu, 09 Jul 2020 05:01:56 GMT
https%3A%2F%2Fwww.volksstimme.de%2Fstoryimage%2FMA%2F20200604%2FDPA%2F306049923%2FAR%2F0%2FAR-306049923.jpg%26MaxW%3D505%26ImageVersion%3Ddefault
media.plista.com/ynuDDEJy1RLqegfwQaelFAxj_U0=/320x240/smart/filters:format(webp):quality(85)/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.plista.com/ynuDDEJy1RLqegfwQaelFAxj_U0=/320x240/smart/filters:format(webp):quality(85)/https%3A%2F%2Fwww.volksstimme.de%2Fstoryimage%2FMA%2F20200604%2FDPA%2F306049923%2FAR%2F0%2FAR-306049923.jpg%26MaxW%3D505%26ImageVersion%3Ddefault
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
b4c7d88ce4f1fa5d5f8aa689b9ba18fb97bdd6d81a226fd02eb989346cf1a4f2

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:42 GMT
server
NetDNA-cache/2.2
etag
"382fa2e94ade385901c13ec8bdc7a382d72d3464"
x-cache
HIT
content-type
image/webp
status
200
cache-control
max-age=2592000,public
content-length
9512
plista-status
Success
expires
Sat, 04 Jul 2020 10:24:26 GMT
https%3A%2F%2Fwww.volksstimme.de%2Fstoryimage%2FMA%2F20200606%2FDPA%2F306069989%2FAR%2F0%2FAR-306069989.jpg%26MaxW%3D505%26ImageVersion%3Ddefault
media.plista.com/UcvzRFBYCiu21LIs7ePBYw9KyRw=/320x240/smart/filters:format(webp):quality(85)/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.plista.com/UcvzRFBYCiu21LIs7ePBYw9KyRw=/320x240/smart/filters:format(webp):quality(85)/https%3A%2F%2Fwww.volksstimme.de%2Fstoryimage%2FMA%2F20200606%2FDPA%2F306069989%2FAR%2F0%2FAR-306069989.jpg%26MaxW%3D505%26ImageVersion%3Ddefault
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
c8152b26887c4c037ff05beb4e2029179e0841d355ded1332867357fe72202fa

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:42 GMT
server
NetDNA-cache/2.2
etag
"675ac549086078a93ae6ec5a9ef3f6bd5dda47c9"
x-cache
HIT
content-type
image/webp
status
200
cache-control
max-age=2592000,public
content-length
8270
plista-status
Success
expires
Wed, 08 Jul 2020 19:33:22 GMT
https%3A%2F%2Fwww.volksstimme.de%2Fstoryimage%2FMA%2F20200606%2FDPA%2F306069984%2FAR%2F0%2FAR-306069984.jpg%26MaxW%3D505%26ImageVersion%3Ddefault
media.plista.com/XJEm3xCf3nPP3veRtKz8MjSDZZE=/320x240/smart/filters:format(webp):quality(85)/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.plista.com/XJEm3xCf3nPP3veRtKz8MjSDZZE=/320x240/smart/filters:format(webp):quality(85)/https%3A%2F%2Fwww.volksstimme.de%2Fstoryimage%2FMA%2F20200606%2FDPA%2F306069984%2FAR%2F0%2FAR-306069984.jpg%26MaxW%3D505%26ImageVersion%3Ddefault
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.11.152 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
4cfcf6bf9421b7382dcfb985b0e0087617a337eb2e110eb26f26cfa76adbfcb0

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:42 GMT
server
NetDNA-cache/2.2
etag
"f694bf070429a277ffaa89d6a40886a049256504"
x-cache
HIT
content-type
image/webp
status
200
cache-control
max-age=2592000,public
content-length
13032
plista-status
Success
expires
Mon, 06 Jul 2020 04:57:11 GMT
logo_plista_small_AAAAAA.png
static.plista.com/image/ 		496 B
699 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.plista.com/image/logo_plista_small_AAAAAA.png
Requested by
Host: www.volksstimme.de
URL: https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.63.231 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.231.63.99.88.clients.your-server.de
Software
nginx /
Resource Hash
faea89a46006a0b0f32b72ef261eac31ac21d72da9492d7e0b0f53afa0a17bea

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:42 GMT
via
1.1 varnish-v4
server
nginx
age
70614
x-varnish
844189612 831830180
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-type
Content-type: image/png; charset=utf-8
content-length
496
expires
Wed, 08 Jul 2020 13:56:48 GMT
dark-bottom.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/ 		3 KB
940 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-bottom.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/cookieconsent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d2af3977cc879022d4f18d519ac1bce009ef573d3676b719d93d4752f4cda51
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:43 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
19276570
status
200
alt-svc
h3-27=":443"; ma=86400
cf-request-id
033a06c1430000c2724eaa4200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:18:32 GMT
server
cloudflare
etag
W/"5afd48e8-c28"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
5a09da486be3c272-FRA
expires
Sun, 30 May 2021 09:33:43 GMT
logo.png
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dae62151120e18b465ffc5c8e9e342ecc28a6efe1a0d71c9766d677a5ddc389
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.10/dark-bottom.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 09:33:43 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
19189450
status
200
alt-svc
h3-27=":443"; ma=86400
content-length
3083
cf-request-id
033a06c1600000c2724eaa8200000001
served-in-seconds
0.000
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:18:32 GMT
server
cloudflare
etag
"5afd48e8-c0b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5a09da489c4ec272-FRA
expires
Sun, 30 May 2021 09:33:43 GMT
/
farm.plista.com/event/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://farm.plista.com/event/?friendid=0&frienddomainid=702&widgetid=1385577&bucketid=0&type=visible&items=613026711,613268578,612931829,613306942,613224951,613149069,613313467,613314346&campaigns=0,0,0,0,0,0,0,0&bv=_0_XVBLjkMxCDtPJRaYP_e_2JjXjkYdkoUDNsGICNaikWITpVOCSdM1E0uEDkRfmAm-a1aFYeIMCHIAzZYYAolVqtgwF7Vp97A0dLqwfNJW5tDux2M4UtWZUss0twhBaeaQAJ_MbiYwjT46-EOBfKkMPWD3wFMj3_RosM7yK9KYdioMGcDeyL2urjQZSjuPG1igos-4R-E9GbeiOkwudpLEG99oNtpAjTo9iqTKONo8Y_tAlcwzzQlsKqb00_FvLU6rmE-eleJfXPVZ3e3GATs6QeTcWj8AX31MKSxdevd4Vqp373DwHoriyb5Moe2_5r4C_44B2Rv1Aw&tend=1591724022&crc=0244794210847eb40ad801e3ccae23d7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
176.9.103.51 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.51.103.9.176.clients.your-server.de
Software
nginx /
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer
https://www.volksstimme.de/wirtschaft/dax-marschiert-richtung-13.000-punkte
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Jun 2020 09:33:45 GMT
content-encoding
gzip
last-modified
Tue, 09 Jun 2020 09:33:45 GMT
server
nginx
p3p
policyref="https://www.plista.com/w3c/p3p.xml", CP="CAO DSP COR TAIa PSAa PSDa IVAi IVDi CONi HISa OUR IND PHY ONL UNI COM NAV INT DEM STA PRE"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif; charset=utf-8
content-length
51
expires
Mon, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| setStickyClasses object| cookieconsent_options boolean| hasCookieConsent object| dataLayer function| fbq function| _fbq function| Logout function| getCookie function| setCookie function| CheckUrlForSpecificString function| SSOStatus function| SSOLogin string| GCurrentURL string| GNnrStories object| google_tag_manager function| postscribe object| $defaultcontent object| $allsublists boolean| RegUser string| hidden string| visibilityChange object| videoElement function| handleVisibilityChange object| google_tag_data string| GoogleAnalyticsObject function| ga function| Cookies function| global_vars function| dmp_cookie_process function| dmp_cookie_read function| dmp_cookie_write function| mobile_article_beauty function| mobile_uebersicht_beauty function| mobile_header_beauty function| mobile_article_newsletter_add function| mobile_article_eigenwerbung_ev function| mobile_article_eigenwerbung_digi function| mobile_article_eigenwerbung_100jahre function| mobile_uebersicht_eigenwerbung function| mobile_uebersicht_eigenwerbung_biti function| mobile_uebersicht_eigenwerbung_reisekatalog function| mobile_eigenenwerbung_before_content function| stationaer_eigenwerbung_uebersicht function| stationaer_eigenwerbung_uebersicht_100jahre function| seo_link_ort function| seo_title_ort function| paywall object| PLISTA object| gaplugins object| gaGlobal object| gaData function| newslistHover string| subdomain string| domain boolean| is_www boolean| is_m boolean| is_paid string| path boolean| is_article boolean| is_special string| referrer string| regio_code number| maxscrolled object| list number| banner function| PLISTA_JSONP_66E0D1 object| PLISTA_ boolean| PLISTA_HIA_INIT function| update_cookieconsent_options

8 Cookies

Domain/Path Name / Value
row.volksstimme.de/ Name: OAID
Value: c16624497e9889b5ff02364cddccae79
.volksstimme.de/ Name: _fbp
Value: fb.1.1591695221904.592684743
.volksstimme.de/ Name: _dc_gtm_UA-31118474-4
Value: 1
.volksstimme.de/ Name: nlbi_1832326
Value: 2oZsTV5TgRJVU5BPqLU4iAAAAAC43630CyifRfU/84p845DU
.volksstimme.de/ Name: _ga
Value: GA1.2.2043586749.1591695222
.volksstimme.de/ Name: visid_incap_1832326
Value: zcX6NtLRR8KT0DCQHz9xJXRX314AAAAAQUIPAAAAAAAJdEwH8EE7MTasR21sricK
.volksstimme.de/ Name: _gid
Value: GA1.2.1978361597.1591695222
.volksstimme.de/ Name: incap_ses_281_1832326
Value: HLstDfZJ5DUwRS0gL1DmA3VX314AAAAAi44ZzWOEKqIMr0a7u7PjAA==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
farm.plista.com
fonts.googleapis.com
fonts.gstatic.com
media.plista.com
row.volksstimme.de
secure.adnxs.com
static.plista.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.volksstimme.de
107.154.76.234
176.9.103.51
23.111.11.152
2606:4700::6810:85e5
2a00:1450:4001:801::200a
2a00:1450:4001:814::2003
2a00:1450:4001:815::2004
2a00:1450:4001:81b::200e
2a00:1450:4001:81f::2003
2a00:1450:4001:824::2008
2a00:1450:400c:c00::9d
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a04:4e42:1b::621
37.252.173.38
83.138.84.238
88.99.63.231
02205e4a7231e15cb24ac3dfb34b4b2d1b315adba3ee076536ce0be1052f0254
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
126e21d5cfa000895dfa6e2f841c1a83aea61cf108007e565a88ee0a88aed086
1497a601d492bc7fd4d0822c52f82243bad8be1b845f61df399debd3f24dad85
1e4fb030db0b427caca763d99fc46470f470142db23a150f67f0527aded9030e
200be8d0883ec1f25660ae65d69a248bb57d87802ab31d99aaa139b1b86011b0
284eab4f95b1ac08ff9d6b609ef0f6672ca27f83b0060ce2dc1ed7ac0ddf7d5a
2cfd819fbd75277ef9c79698e0f96ba2d6a46d1453a7b625f7e4d5d9551322ea
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
378252f91edbbdc4d79309d1cdd3b95951e4f748c3ba33dfe48f43ae6e23f4f2
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
4cfcf6bf9421b7382dcfb985b0e0087617a337eb2e110eb26f26cfa76adbfcb0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
563ebbc59e2df3b857a04c92d1d32e2f1e834af22c3d6615002a2b4e6498d088
65cb1ac9605e806ca6e843bac1c7323087544f5b0656cdb39a174d756e570927
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6d84f71a7ff2ac9d4c3b4d6109408992f5d4e3a25da1d29e62324e2012215ca7
70b92ec268821dc813209c3ebe03f44338256f45e8886b43e04d0ad582eef291
712ba18c7146718be41e6dbbee65478d330d52e8928d8e7b412fdd89dcb426b2
724be727af2c6bb7535a932ee836aa242efa1fff255a275b3be6c980b2c0d3e6
76ceb9b46c9787fba45d74064ac8e7ea819b8cfe3060d11a0c9cea3706f4575f
7b2f0f417c9c110714510ab3dd0b09c52b467fbe527ef50c6e8240fcaa5c5944
7f2d3b9e041dd4ad347335f730c0fe8c1923e309a8b4dc5fafe75ccabc03a6c4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89b5fa951a58f3e7ead7963a991f1fabcf0ed50568e85618038b8b04a781d9ba
8ae13f0a8bd15abde62e848b7c05fb9cf09a0c224458a07ed6170b006d3f960d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9d2af3977cc879022d4f18d519ac1bce009ef573d3676b719d93d4752f4cda51
9dae62151120e18b465ffc5c8e9e342ecc28a6efe1a0d71c9766d677a5ddc389
a5d62d80e4140bd53c86be97c0677eb76fd68876c3e44b0073ba2ca2d1199041
b4c7d88ce4f1fa5d5f8aa689b9ba18fb97bdd6d81a226fd02eb989346cf1a4f2
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
bcd8bbe61f68fad184cacd64a831558006c02ce8217d335ab5944ba0ba07a705
c3284ebec48712a73e6bf555c05142bc13ca9322a40a09677a90feb5411bf739
c8152b26887c4c037ff05beb4e2029179e0841d355ded1332867357fe72202fa
c8f825cc7eba70e1eebd3fa5965894e2c873faeca99a5572d2524ca99c6938b6
cb0dd2f6cc1a021f68a7b43d225f8f11bb1251bfee2fd70e5b4bd45a86afc4e9
cd6f4900abc2da200ad96c75852facfd8872610ce9dd259acf3cc82507490dd3
d1813d4d78e81c55ccfac6711f7b0367f9767644c33bae6a5832f5a5e3b282b2
dd1dad45fd0dd168ad46427307aa8a206b857b783ca3afbcfe2bc8b8724acec0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e431dce564803144674ce087c5341b48895872fe971b1d80bda38e1111692b58
ea0aeee351f9da3108682038b2a4c3569c9b2607aea75807cf108b31efad24e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
faea89a46006a0b0f32b72ef261eac31ac21d72da9492d7e0b0f53afa0a17bea
ff07a11b312a6664e2b477092b35f885e8f78399d0fa8cfec918bc8b479fc617